Thirdeye

Malware updated 15 days ago (2024-11-29T13:36:18.867Z)
Download STIX
Preview STIX
ThirdEye is a type of malware, specifically an infostealer, that has been identified as a significant threat to Windows devices. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it steals personal information, disrupts operations, and can potentially hold data hostage for ransom. ThirdEye primarily spreads through email (#9001, #9002) and HTTP/S transfers (#8999, #9000), typically as a compressed attachment. It has been observed performing lateral movement within networks, indicating its ability to spread across multiple systems. The malware's lifecycle involves writing itself to disk (#8997) and initiating a pre-execution phase (#8998) on the host level. This enables it to establish a strong foothold within infected systems, making it challenging to detect and remove. SafeBreach has provided coverage of ThirdEye's behavior, documenting its methods of infiltration, lateral movement, and overall operation within compromised systems. Despite the emergence of many infostealing malwares in cyberspace such as Raccoon, RedLine, Vidar, and ThirdEye, there is growing concern about a new, yet-unknown malware named ExelaStealer, which is believed to be even more dangerous. However, the focus remains on ThirdEye due to its recent surge in activity and its targeting of Windows devices, posing a new threat to users worldwide. With its sophisticated techniques and stealthy operations, ThirdEye exemplifies the evolving challenges in the field of cybersecurity.
Description last updated: 2023-12-04T18:18:28.100Z
What's your take? (Question 1 of 3)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Fortiguard
Malware
Infostealer
Windows
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the Thirdeye Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
Fortinet
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago